Not the 'Wild West': Talking Cyber Ops at Iran's Backdoor

An Iranian technician works at the Uranium Conversion Facility just outside the city of Isfahan 255 miles south of the capital Tehran, Iran, Feb. 3, 2007.

Vahid Salemi/AP Photo

[Editor's Note: The original version of this story incorrectly identified Robert Clark as an operational attorney for the U.S. Cyber Command. He is an operational attorney for the U.S. Army Cyber Command. Also, the original report included the quoted word "revolutionary," but it was not clear that quote was meant to reference previous descriptions of the various cyber weapons and was not a reflection of Clark's remarks.]

Robert Clark, an attorney for U.S. Army Cyber Command, stood in a grand ballroom with gold flaked ceilings and sparkling chandeliers to address an audience that included men in flowing white robes and veiled women and tried to hammer home a single point: cyber warfare is not the "Wild West."

In an age where a new powerful cyber weapon is discovered every few months -- usually on computers in Iran -- Clark, who emphasized that he was speaking only in a personal capacity and not on behalf of the U.S. government, wanted to assure the relatively small gathering in the United Arab Emirates that legal considerations would be taken into account before cyber attacks are launched.

"Articles that talk about cyber warfare and [say] that rules of engagement aren't evolving as fast as [the cyber attacks], it's just not true," Clark said. "We have the law of armed conflict applying to any type conflict and it applies to cyberspace operations also... It's just not the Wild West out there."

For most of his presentation, Clark spoke in generalities about the legal aspects of American cyber capabilities because despite the months-old admission from U.S. Cyber Command chief Gen. Keith Alexander that the military is developing a "pro-active, agile cyber force," and the oft-cited New York Times report on America's role in developing Stuxnet, the devastating cyber weapon that hit an Iranian nuclear facility in late 2009, no current American officials have gone on record claiming responsibility for an offensive cyber attack.

However, emboldened by a government colleague's praise of Stuxnet earlier this year, Clark couldn't resist using it as a hypothetical example.

He said that before a weapon like Stuxnet would be launched, the same legal criteria would be considered as if it were a physical military attack. Is there an imminent threat from the target? Does it absolutely have to be taken out? Will the attack cause casualties or collateral damage that could and should be avoided?

Answering his own question about casualties, Clark echoed comments from colleague Air Force Col. Gary Brown when he noted the impressive restraint of the worm. Though Stuxnet was discovered on thousands of computers around the world in 2010, cyber researchers quickly realized that it was something of a smart bomb. It would spread harmlessly from computer to computer until it found itself on the exact system configuration -- a control system at an Iranian nuclear facility -- it was meant to target.

"Stuxnet," Clark said, "was a very discriminant weapon."

After Stuxnet was discovered and analyzed, Richard Clarke, a former White House counter-terrorism adviser and current ABC News consultant, said he thought that Stuxnet showed such care to limit collateral damage that it must have been developed with healthy input from anxious lawyers.

Robert Clark's presentation Wednesday was one of the first talks at the Black Hat security conference held at the opulent Emirate Palace Hotel in Abu Dhabi and though most of the presentations were highly technical, Clark wasn't the first and or the last to talk about the cyber struggle over Iran.

Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic Council, said later in the day that the discovery of Stuxnet -- the first worm clearly authored by a nation-state to attack another nation-state -- was one of the most significant moments in the relatively short history of cyber warfare.

In his keynote address just before Clark's talk, Black Hat founder Jeff Moss briefly discussed the recent cyber attacks aimed at Wall Street -- unprecedented floods of traffic that U.S. officials have blamed on Iran, even if the hackers deny the connection.

During a break in the talks the presenters and audience members mixed at a lunch on the terrace of the Emirates Palace Hotel, where they chatted about what the cyber world will look like in the coming years and the challenges men that them would likely face.

The terrace had a striking view of nearby white sand beaches and the Arabian Gulf beyond them. Just a few miles farther, over the horizon, lay Iran.